Cybersecurity
_ _ _ 0 Comments

Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution

The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis has revealed. The audacious supply chain compromise, tracked as CVE-2024-3094 (CVSS score: 10.0), came to light last week when Microsoft engineer and PostgreSQL developer Andres […]

LEARN MORE
Cybersecurity
_ _ _ 0 Comments

Patch Now: Kubernetes RCE Flaw Allows Full Takeover of Windows Nodes

A security bug in the widely used Kubernetes container-management system allows attackers to remotely execute code with System privileges on Windows endpoints, potentially leading to full takeover of all Windows nodes within a Kubernetes cluster. Akamai security researcher Tomer Peled discovered the flaw, which is tracked as CVE-2023-5528 and has a CVSS score of 7.2. […]

LEARN MORE 1
Cybersecurity
_ _ _ 0 Comments

Hackers seen exploiting bugs in browsers and popular file transfer tool

A vulnerability affecting a widely used tool embedded in web browsers and a separate bug in a popular file transfer tool are being exploited by hackers, according to both government officials and cybersecurity experts. The Cybersecurity and Infrastructure Security Agency (CISA) warned on Monday that hackers are exploiting CVE-2023-5217 — a vulnerability affecting Google’s Chrome […]

LEARN MORE 1
Cybersecurity
_ _ tazz_ 0 Comments

BatLoader Unleashed in Ongoing Webex Malvertising Campaign | Cyware Hacker News

A recent malvertising campaign has been found focusing on corporate users who are downloading the widely used web conferencing application, Webex. In this campaign, malicious actors have purchased an advertisement that mimics Cisco’s branding, and it appears as the top result when conducting a Google search.  Diving into details The ad appears completely legitimate at […]

LEARN MORE